package com.rocket.bedroom.config;

import at.pollux.thymeleaf.shiro.dialect.ShiroDialect;
import com.rocket.bedroom.security.RedisCacheManager;
import com.rocket.bedroom.service.impl.LoginRealm;
import org.apache.shiro.authc.credential.HashedCredentialsMatcher;
import org.apache.shiro.cache.ehcache.EhCacheManager;
import org.apache.shiro.mgt.DefaultSecurityManager;
import org.apache.shiro.realm.Realm;
import org.apache.shiro.spring.web.ShiroFilterFactoryBean;
import org.apache.shiro.web.mgt.DefaultWebSecurityManager;
import org.springframework.beans.factory.annotation.Qualifier;
import org.springframework.cache.ehcache.EhCacheCacheManager;
import org.springframework.context.annotation.Bean;
import org.springframework.context.annotation.Configuration;

import javax.servlet.Filter;
import java.util.HashMap;
import java.util.LinkedHashMap;
import java.util.Map;

/**
 * @Author: 周毅
 * @ClassName:
 * @Description: TODO
 * @Date: Create in 16:09 2020/6/8
 * @ModifyBy:
 */
@Configuration
public class ShiroConfig
{

    //1、创建ShiroFilter
    @Bean
    public ShiroFilterFactoryBean getShiroFilterFactoryBean(@Qualifier("defaultWebSecurityManager") DefaultSecurityManager defaultSecurityManager)
    {
        ShiroFilterFactoryBean shiroFilterFactoryBean = new ShiroFilterFactoryBean();
        //给filter设置安全管理器
        shiroFilterFactoryBean.setSecurityManager(defaultSecurityManager);


        //自定义fileter
        /*Map<String, Filter> filters = new LinkedHashMap<>();
        filters.put("authc", new ShiroFormAuthenticationFilter());
        shiroFilterFactoryBean.setFilters(filters);*/

        //配置系统的受限资源
        Map<String, String> filterMap = new LinkedHashMap<>();
        filterMap.put("/login", "anon");
        filterMap.put("/**", "authc");
        //设置系统资源规则
        shiroFilterFactoryBean.setFilterChainDefinitionMap(filterMap);
        shiroFilterFactoryBean.setLoginUrl("/loginpage");
//        shiroFilterFactoryBean.setSuccessUrl("/register");
        shiroFilterFactoryBean.setUnauthorizedUrl("/loginpage");

        return shiroFilterFactoryBean;
    }

    //2、创建安全管理器
    @Bean("defaultWebSecurityManager")
    public DefaultWebSecurityManager getDefaultWebSecurityManager(@Qualifier("myRealm") Realm realm)
    {
        DefaultWebSecurityManager defaultWebSecurityManager = new DefaultWebSecurityManager();
        defaultWebSecurityManager.setRealm(realm);

        return defaultWebSecurityManager;
    }

    //3、创建自定义Realm
    @Bean("myRealm")
    public Realm getRealm(@Qualifier("getHashedCredentialsMatcher") HashedCredentialsMatcher matcher)
    {
        LoginRealm loginRealm = new LoginRealm();
        //开启shiro缓存
        loginRealm.setCachingEnabled(true);
        loginRealm.setAuthenticationCachingEnabled(true);
        loginRealm.setAuthorizationCachingEnabled(true);
        loginRealm.setAuthenticationCacheName("authenticationName");
        loginRealm.setAuthorizationCacheName("authorizationName");
        //设置缓存管理器
        loginRealm.setCacheManager(new EhCacheManager());
//        loginRealm.setCacheManager(new RedisCacheManager());

        loginRealm.setCredentialsMatcher(matcher);
        return loginRealm;
    }

    /**
     * shiro 整合 thymeleaf
     *
     * @return
     */
    @Bean
    public ShiroDialect shiroDialect()
    {
        return new ShiroDialect();
    }


    /**
     * shiro 加密规则
     *
     * @return
     */
    @Bean("getHashedCredentialsMatcher")
    public HashedCredentialsMatcher hashedCredentialsMatcher()
    {
        HashedCredentialsMatcher matcher = new HashedCredentialsMatcher();
        matcher.setHashAlgorithmName("MD5");
        matcher.setHashIterations(1024);
        return matcher;
    }


}
